|
|
The Security Manager is the gatekeeper of the application. It verifies
that a class has permission to perform a requested operation when that
operation is requested of the class.
-
There are quite a few operations the Security Manger checks. Those
are listed on page 877-878 of the book.
-
Most classes do not run with a Security Manager installed by default, so
all operations are permitted.
-
Applets, however, use the AppletSecurity manager, which is quite restrictive.
-
Downloaded Remote Method Invocation (RMI) classes use the RMISecurityManager.
-
RMI has a capability to dynamically download client classes. Since
these classes are downloaded, presumably from an external server, the security
manager can restrict what they can do on the client computer. Since
the security information is handled locally, this puts the control at the
end-user or customer level.
Security Manager, Security Exception Detailed
|